smeserver-fetchmail/contribs10/smeserver-fetchmail-1.6-update_iptables_rules.patch

diff -Nur smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail
--- smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail      2015-02-06 10:41:14.000000000 +0100
+++ smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail       2016-01-08 11:54:50.130911307 +0100
@@ -9,19 +9,19 @@
 
         # Block any outgoing connections to POP3 servers
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110\\\n";
        $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110 --jump DROP\n";
 
         # Block any outgoing connections to IMAP4 servers
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143\\\n";
        $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143 --jump DROP\n";
 
     }
     my $routingSMTP = $FetchMails{ "RoutingSMTP" } || "YES" ;
@@ -30,11 +30,11 @@
         # Users on LAN are not allowed to access to SMTP
         # servers on Internet.
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25\\\n";
         $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25 --jump DROP\n";
 
     }
     my $routingNNTP = $FetchMails{ "RoutingNNTP" } || "YES" ;
@@ -43,11 +43,11 @@
         # Users on LAN are not allowed to access to news
         # servers on Internet.
 
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119\\\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119\\\n";
         $OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
-        $OUT .= "    /sbin/iptables --table nat --append PREROUTING\\\n";
-        $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119 --jump DROP\n";
+        $OUT .= "    /sbin/iptables --append FORWARD\\\n";
+        $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119 --jump DROP\n";
 
     }
 }
1	diff -Nur smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail
2	--- smeserver-fetchmail-1.6/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail 2015-02-06 10:41:14.000000000 +0100
3	+++ smeserver-fetchmail-1.6_bz9180/root/etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy-fetchmail 2016-01-08 11:54:50.130911307 +0100
4	@@ -9,19 +9,19 @@
5
6	# Block any outgoing connections to POP3 servers
7
8	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
9	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110\\\n";
10	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
11	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110\\\n";
12	$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
13	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
14	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 110 --jump DROP\n";
15	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
16	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 110 --jump DROP\n";
17
18	# Block any outgoing connections to IMAP4 servers
19
20	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
21	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143\\\n";
22	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
23	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143\\\n";
24	$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
25	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
26	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 143 --jump DROP\n";
27	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
28	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 143 --jump DROP\n";
29
30	}
31	my $routingSMTP = $FetchMails{ "RoutingSMTP" } \|\| "YES" ;
32	@@ -30,11 +30,11 @@
33	# Users on LAN are not allowed to access to SMTP
34	# servers on Internet.
35
36	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
37	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25\\\n";
38	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
39	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25\\\n";
40	$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
41	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
42	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 25 --jump DROP\n";
43	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
44	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 25 --jump DROP\n";
45
46	}
47	my $routingNNTP = $FetchMails{ "RoutingNNTP" } \|\| "YES" ;
48	@@ -43,11 +43,11 @@
49	# Users on LAN are not allowed to access to news
50	# servers on Internet.
51
52	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
53	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119\\\n";
54	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
55	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119\\\n";
56	$OUT .= "\t--jump LOG --log-prefix \"denylogfetchmail: \"\n";
57	- $OUT .= " /sbin/iptables --table nat --append PREROUTING\\\n";
58	- $OUT .= "\t-i \$INTERNALIF -p tcp --dst ! \$LOCALIP --dport 119 --jump DROP\n";
59	+ $OUT .= " /sbin/iptables --append FORWARD\\\n";
60	+ $OUT .= "\t-i \$INTERNALIF -p tcp ! --dst \$LOCALIP --dport 119 --jump DROP\n";
61
62	}
63	}